Chirpy

• Chirpy is a knockoff version of the popular social-media platform, X (formerly Twitter), developed in Go to learn about servers, database management, and security.
• It contains API routes for creating users and chirps, getting and deleting chirps, logging in, refreshing tokens, and viewing server metrics. It leverages password hashing using bcrypt, session tokens using JWTs, and refresh tokens using SHA-256 for proper authentication and authorization.

Setup

1. Clone the repository
2. Set up an .env file with the following environment variables:
   • PORT: Port that the server listens on
   • DB_URL: URL of database (PostgreSQL recommended)
   • PLATFORM: Status of server [dev, test, production]
     • Certain APIs limit to dev
   • SECRET: Secret token string used when generating JWT session tokens
     • Run openssl rand -base64 64 to generate a long random string
   • POLKA_KEY: API key used for authorizing webhooks
3. Run go install github.com/pressly/goose/v3/cmd/goose@latest to install Goose
   • Run goose -version to ensure it has been installed
4. Run goose postgres <DB_URL> up in the sql/schema directory to run the migrations
5. Run go build -o && ./out to build and run the server

Documentation

Header Request

{
    "Authorization": "Bearer TOKEN"
}

User Response

{
    "id": UUID,
    "created_at": TIMESTAMP,
    "updated_at": TIMESTAMP,
    "email": STRING,
    "is_chirpy_red": BOOLEAN
}

Auth Response

{
    "token": "TOKEN_STRING",
    "refresh_token": "REFRESH_TOKEN_STRING"
}

Chirps API

• GET /api/chirps
  • Additional Parameters:
    • author_id
    • sort [asc | desc]
• GET /api/chirps/${chirpID}
• POST /api/chirps
• DELETE /api/chirps/${chirpID}

Users API

• POST /api/users
• PUT /api/users
  • Update email and password
• POST /api/login
• POST /api/refresh
  • Generate a new session token
• POST /api/revoke
  • Revoke a refresh token

Misc API

• GET /api/healthz
• GET /admin/metrics
• POST /admin/reset